/**
 * Counts the threads filed below a topic, descending through every reply level.
 *
 * A direct child is counted when it is not hidden, or when the session user
 * holds one of the configured admin roles. Its own descendants are added in
 * either case.
 *
 * @param mixed $topicid id that is loosely compared with each thread's top topic
 * @return int number of counted threads below $topicid
 */
public function countSubThreads($topicid)
{
    $total = 0;

    foreach ($this->threads as $candidate) {
        // only direct children of the requested topic matter at this level
        if ($candidate->getTopTopic() != $topicid) {
            continue;
        }

        // The role lookup stays to the right of the state test, so the session
        // user is only consulted for hidden threads.
        $countable = $candidate->getThreadState() != forumtools::$THREADHIDDEN
            || usertools::containRoles($GLOBALS["adminRoles"], $_SESSION["user"]->getRoles());
        if ($countable) {
            $total++;
        }

        // NOTE(review): replies below a hidden thread are still added for
        // non-admin users, so the total can reveal that hidden content exists.
        // Confirm whether that is intended.
        $total += $this->countSubThreads($candidate->getId());
    }

    return $total;
}
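<?php
/**
 * Shared bootstrap included at the top of the application's pages: loads the
 * configuration and classes, creates the Smarty instance, starts the session,
 * sends anonymous visitors to the login page and opens the database connection.
 */
require_once 'config.php';
require_once 'class/user.php';
require_once 'class/smarty/Smarty.class.php';

$template = new Smarty();

// The class files are loaded before the session starts; presumably this lets
// the object stored in $_SESSION["user"] be restored with its class definition.
session_start();

if (!isset($_SESSION["user"]) && basename($_SERVER['PHP_SELF']) != "login.php") {
    header("Location: login.php");
    // A Location header does not end the request. Without stopping here, the
    // including page would still run, and send its output, for a visitor who
    // is not logged in.
    exit;
}

if (isset($_SESSION["user"]) && usertools::containRoles($GLOBALS["adminRoles"], $_SESSION["user"]->getRoles())) {
    $template->assign("admin", true);
}

$messages = array();
try {
    $connection = new PDO($GLOBALS["db_type"] . ':dbname=' . $GLOBALS["db_dbname"] . ';host=' . $GLOBALS["db_host"] . '', $GLOBALS["db_loginname"], $GLOBALS["db_loginpassword"]);
} catch (PDOException $e) {
    // NOTE(review): the raw driver message is queued for display. It can name
    // the database host or account, so prefer logging it server-side and
    // showing a generic text. $connection also stays undefined on this path,
    // and the including pages use it without checking.
    array_push($messages, $e->getMessage());
}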
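/**
 * Stores a new password digest for a user, provided the password satisfies
 * the configured length and special-character requirements.
 *
 * When the requirements are not met nothing is written and nothing is
 * reported back to the caller.
 *
 * @param string $username   account whose password is replaced
 * @param string $password   new clear-text password
 * @param PDO    $connection open database connection
 * @return void
 */
public static function setPassword($username, $password, $connection)
{
    if (!usertools::passwordRequirements($password, $GLOBALS["min_password_length"], $GLOBALS["password_need_specialchars"])) {
        return;
    }

    // NOTE(review): hash() produces one fast, unsalted digest with whatever
    // algorithm the configuration names. password_hash()/password_verify() is
    // the appropriate primitive for stored passwords, but switching has to be
    // done together with the login check, which is not visible here.
    $digest = hash($GLOBALS["password_hash"], $password);

    // Both values are bound as parameters. The statement as listed carried the
    // fixed literal "******" in both places, so neither the digest nor the
    // user name reached the query.
    $statement = $connection->prepare('UPDATE users SET password = :password WHERE username = :username');
    $statement->execute(array(':password' => $digest, ':username' => $username));
}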
<?php require_once 'class/default.php'; if (isset($_SESSION['user']) && $_SESSION['user']->isValid()) { header("Location: index.php"); } switch ($_GET['action']) { case "register": if (!empty($_POST['name']) && !empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['password2'])) { if ($_POST["password"] == $_POST["password2"]) { // FIXME use default-value from db for role! array_push($messages, usertools::registerUser($_POST["name"], $_POST["username"], $_POST["password"], 1, $connection)); } else { array_push($messages, _("Passwords doesn't match")); } } $template->assign("messages", $messages); $template->display('register.tpl'); break; case "logout": $_SESSION["user"]->logout(); header("Location: login.php"); break; default: if (!empty($_POST['username']) && !empty($_POST['password'])) { $user = new user($_POST['username'], $_POST['password'], $connection); if (isset($_SESSION["user"]) && $user->isValid()) { header("Location: index.php"); } else { array_push($messages, _("Wrong Password or user")); }
} $newUser = array("name" => $_POST['name'], "password" => $_POST['password'], "broleid" => $roleid); usertools::editUser($_SESSION['editUser'], $newUser, $connection); array_push($messages, "Changes where successfull for user " . $_SESSION['editUser']['username']); } else { array_push($messages, "Passwords don't match!"); } } unset($_SESSION['editUser']); break; case "mkuser": if (!empty($_POST['username']) && !empty($_POST['name'])) { if ($_POST['password'] == $_POST['password2']) { $roleid; foreach (admin::getRoles($connection) as $role) { if ($role['role'] == $_POST['role']) { $roleid = $role['roleid']; } } usertools::registerUser($_POST['username'], $_POST['name'], $_POST['password'], $roleid, $connection); array_push($messages, "User " . $_POST['username'] . "created succefull"); } } break; } if (!isset($_GET['action']) || $_GET['action'] == "mkedit" || $_GET['action'] == "mkuser") { $template->assign("messages", $messages); $users = admin::getUsers($connection); $template->assign("users", admin::extractFromArray($users, "username")); $template->display('user.tpl'); }
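/**
 * Inserts a new thread row and appends the matching thread object to the
 * in-memory list.
 *
 * @param string     $title    thread title as submitted
 * @param string     $text     thread body as submitted
 * @param int|string $toptopic id stored in the `toptopic` column; defaults to -1
 *                             (presumably "no parent" - confirm against the readers)
 * @return string id reported by the connection's lastInsertId()
 */
public function createNewThread($title, $text, $toptopic = -1)
{
    // Title, text and parent id come from the request, so they are bound as
    // parameters instead of being concatenated into the statement text.
    // NOTE(review): the schema/table name is hard-coded here, while the table
    // is created with a configurable prefix elsewhere. Confirm they agree.
    $insert = $this->connect->prepare("INSERT INTO `learncards`.`forum_threads` (`forumid`, `userid`, `title`, `text`, `timestamp`, `toptopic`) VALUES (NULL, :userid, :title, :text, CURRENT_TIMESTAMP, :toptopic)");
    $insert->execute(array(
        ':userid' => $this->user->getId(),
        ':title' => $title,
        ':text' => $text,
        ':toptopic' => $toptopic,
    ));
    $newId = $this->connect->lastInsertId();

    $this->nrOfThreads += 1;

    // Mirror the new row in memory. The values are kept exactly as submitted,
    // so HTML escaping or sanitising has to happen where they are rendered.
    $thread = new thread();
    $thread->setId($newId);
    $thread->setText($text);
    $thread->setTimestamp("");
    $thread->setTitle($title);
    $thread->setUserId($this->user->getId());
    $thread->setTopTopic($toptopic);
    $thread->setUsername(usertools::getUsernameById($this->user->getId(), $this->connect));
    array_push($this->threads, $thread);

    return $newId;
}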
<?php require_once 'class/default.php'; if (isset($_SESSION['user']) && $_SESSION['user']->isValid()) { header("Location: index.php"); } $template->assign("registration", $GLOBALS['registration']); switch ($_GET['action']) { case "register": if (!empty($_POST)) { $userResult = usertools::registerUser($_POST, $connection); if ($userResult == "0") { $messages[] = "User " . $_POST['registerUsername'] . " was created successfull!"; $template->assign("messages", $messages); $template->display('login.tpl'); break; } else { var_dump($userResult); $messages[] = $userResult; $template->assign("messages", $messages); $template->assign('errorTitle', "ERROR! Registration failed!"); $template->assign('errorDescription', "There was a failure on registration. Description: " . $userResult); $template->display('error.tpl'); die; } } $template->display('login.tpl'); break; case "logout": if (isset($_SESSION["user"])) { $_SESSION["user"]->logout();
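/**
 * Entry point of the forum plugin: makes sure the thread table exists, then
 * dispatches on $_GET['action'] (createthread, reply, deletethread,
 * editthread, savethread, showthread; anything else lists the top threads).
 *
 * Editing, saving an edit and deleting are limited to the thread's author and
 * to users holding one of the configured admin roles.
 *
 * @return mixed result of Smarty's fetch() for the branch that rendered a
 *               template; null after a redirect or when no branch rendered
 */
public function start()
{
    require_once $this->folder . "forum.class.php";

    // NOTE(review): this DDL statement runs on every call, and the prefix is
    // concatenated into the identifier. getDbPrefix() must only ever return a
    // value from trusted configuration - confirm.
    $this->connection->exec("CREATE TABLE IF NOT EXISTS `" . $this->getDbPrefix() . "forum_threads` (\n\t\t\t`forumid` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t`userid` int(11) NOT NULL,\n\t\t\t`title` text NOT NULL,\n\t\t\t`text` text NOT NULL,\n\t\t\t`timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t`toptopic` int(11) NOT NULL,\n\t\t\t`threadstate` int(5) NOT NULL DEFAULT '0',\n\t\t\t`editcounter` int(5) NOT NULL DEFAULT '0',\n\t\t\tPRIMARY KEY (`forumid`)\n\t\t)");

    $template = $this->templateObject;
    $template->addTemplateDir($this->folder . "forum/");
    $connection = $this->connection;

    // NOTE(review): request values and stored thread fields are passed to the
    // templates unmodified. Smarty only HTML-escapes them when escape_html is
    // enabled or the template applies |escape. The templates are not visible
    // here, so verify.
    $template->assign("pluginId", $_GET['plugin']);
    $template->assign("folder", $this->folder);
    $template->assign("ownuserid", $this->currentUser->getId());

    $threads = new allThreads($connection, $_SESSION["user"], $this->getDbPrefix());

    // Resolved once for every branch. The branches below previously read an
    // $admin variable that was never assigned in this method, so admins were
    // treated like ordinary users.
    $admin = isset($_SESSION["user"]) && usertools::containRoles($GLOBALS["adminRoles"], $_SESSION["user"]->getRoles());
    $messages = array();
    $action = isset($_GET['action']) ? $_GET['action'] : '';

    switch ($action) {
        case "createthread":
            $dojorequire = array("dijit.Editor", "dojo.parser");
            $template->assign("dojorequire", $dojorequire);
            $template->assign("savemethod", "new");
            return $template->fetch($this->folder . 'forumPlugin_createThread.tpl');

        case "reply":
            $thread = $threads->getThreadById($_GET['threadid']);
            if (!is_null($thread)) {
                $dojorequire = array("dijit.Editor", "dojo.parser");
                $template->assign("dojorequire", $dojorequire);
                $template->assign("threadid", $thread->getId());
                $template->assign("threadtitle", $thread->getTitle());
                $template->assign("savemethod", "reply");
                return $template->fetch($this->folder . 'forumPlugin_reply.tpl');
            }
            break;

        case "deletethread":
            // NOTE(review): the deletion is triggered by a plain GET request.
            // It should move to POST and carry a CSRF token.
            if (!empty($_GET['threadid'])) {
                $thread = $threads->getThreadById($_GET['threadid']);
                // same rule as "editthread": only the author or an admin may act on a thread
                if (!is_null($thread) && ($thread->getUserId() == $this->currentUser->getId() || $admin)) {
                    $threads->deleteThread($_GET['threadid'], true);
                }
            }
            break;

        case "editthread":
            $thread = $threads->getThreadById($_GET['threadid']);
            if (!is_null($thread)) {
                if ($thread->getUserId() == $this->currentUser->getId() || $admin) {
                    $dojorequire = array("dijit.Editor", "dojo.parser");
                    $template->assign("dojorequire", $dojorequire);
                    $template->assign("threadid", $thread->getId());
                    $template->assign("savemethod", "edit");
                    $template->assign("threadtitle", $thread->getTitle());
                    $template->assign("title", $thread->getTitle());
                    $template->assign("text", $thread->getText());
                    return $template->fetch($this->folder . 'forumPlugin_edit.tpl');
                } else {
                    $template->assign("errorTitle", "You haven't enough rights or the thread doesn't exist");
                    $template->assign("errorDescription", "Please check your roles and verify that this thread exists!");
                    $template->display('error.tpl');
                    die;
                }
            }
            break;

        case "savethread":
            if (!empty($_POST['topictitle']) && !empty($_POST['topictext']) && $_GET['savemethod'] == "new") {
                $threads->createNewThread($_POST['topictitle'], $_POST['topictext']);
                $template->assign('threads', $threads->getAllTopThreads());
                $template->assign('messages', $messages);
                return $template->fetch($this->folder . 'forumPlugin.tpl');
            }

            if (empty($_POST['topictext']) || empty($_GET['threadid'])) {
                $template->assign('errorTitle', _("No data submitted"));
                $template->assign('errorDescription', _("Please use the normal form"));
                return $template->fetch('error.tpl');
            }

            $thread = $threads->getThreadById($_GET['threadid']);
            // The null test now guards the whole condition, so a missing thread
            // can no longer reach the method calls below.
            if (!is_null($thread) && ($thread->getThreadState() == forumtools::$THREADACTIVE || $admin)) {
                if (empty($_POST['topictitle'])) {
                    $_POST['topictitle'] = "";
                }
                if ($_GET['savemethod'] == "reply") {
                    // threadid means here the topthreadid
                    $threads->createNewThread($_POST['topictitle'], $_POST['topictext'], $_GET['threadid']);
                } elseif ($_GET['savemethod'] == "edit" && ($thread->getUserId() == $this->currentUser->getId() || $admin)) {
                    // The edit form is only shown to the author or an admin.
                    // The same rule has to hold where the edit is written,
                    // because this request can be sent without the form.
                    $threads->editThread($_POST['topictitle'], $_POST['topictext'], $thread->getEditCounter() + 1, $_GET['threadid']);
                    // NOTE(review): the state value is taken from the request
                    // as is. Restrict it to the known forumtools states, and
                    // decide whether authors may change it at all.
                    $threads->changeThreadState($thread->getId(), $_POST['state']);
                }
            }

            // Encode both values so request data cannot add parameters to the redirect target.
            header("Location: plugin.php?plugin=" . urlencode($_GET['plugin']) . "&action=showthread&threadid=" . urlencode((string) $threads->getTopThreadId($_GET['threadid'])));
            break;

        case "showthread":
            if (empty($_GET['threadid'])) {
                $template->assign('errorTitle', _("No thread-id was given"));
                $template->assign('errorDescription', _("There was no id for a thread!"));
                return $template->fetch('error.tpl');
            }

            $thread = $threads->getThreadById($_GET['threadid']);
            // hidden threads are shown to admins only
            if (!is_null($thread) && ($thread->getThreadState() != forumtools::$THREADHIDDEN || $admin)) {
                $template->assign('threadTitle', $thread->getTitle());
                $template->assign('threadText', $thread->getText());
                $template->assign('threadage', $thread->getTimestamp());
                $template->assign('threadid', $thread->getId());
                $template->assign('username', $thread->getUsername());
                $template->assign('userid', $thread->getUserId());
                $subthreads = $threads->getSubThreads($thread->getId(), $admin);
                $template->assign('subthreads', $subthreads);
                return $template->fetch($this->folder . 'forumPlugin_view.tpl');
            }

            $template->assign('errorTitle', _("No thread found by this id!"));
            $template->assign('errorDescription', _("There was no thread with this id."));
            return $template->fetch('error.tpl');

        default:
            // NOTE(review): 'show' echoes a raw request value back into the
            // page. It needs escaping in the template unless auto-escaping is on.
            $template->assign('show', isset($_POST['topictext']) ? $_POST['topictext'] : null);
            $template->assign('threads', $threads->getAllTopThreads());
            return $template->fetch($this->folder . '/forumPlugin.tpl');
    }
}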
case "edit": $template->assign("allcss", array("js/dojo/dojox/editor/plugins/resources/css/Preview.css", "js/dojo/dojox/form/resources/FileUploader.css", "js/dojo/dojox/editor/plugins/resources/css/FindReplace.css")); $template->assign("onLoadCode", 'dojo.connect(customfieldList,"onDndDrop",function(e){updateCustomfieldList()});'); $template->assign("dojorequire", array("dojo.dnd.Source", "dojox.editor.plugins.Preview", "dojox.editor.plugins.FindReplace")); if (isset($_POST)) { usertools::editUser($user->getId(), $_POST, $connection); } if (isset($_GET['editId'])) { $template->assign("editCustomField", $user->getCustomfieldById($_GET['editId'])); } $template->assign("customfields", $user->getCustomfields($connection)); $template->assign("roles", $user->getRoles()); $template->assign("username", $user->getUsername()); $template->display('profile_edit.tpl'); break; default: if (isset($_GET['userid']) && usertools::userIdExists($_GET['userid'], $connection) && $_GET['userid'] != $user->getId()) { $user = usertools::getAlienUserbyId($_GET['userid'], $connection); } elseif (isset($_GET['userid']) && $_GET['userid'] == -1) { $user = new alienuser(); $user->setId(-1); $user->setUsername("Guest"); } else { $template->assign("own", true); $template->assign("roles", $user->getRoles()); } $template->assign("customfields", $user->getCustomfields($connection)); $template->assign("username", $user->getUsername()); $template->display("profile.tpl"); break; }
$template->display('users_edituser.tpl'); } break; case "createuser": $template->assign("roles", admin::extractFromArray(admin::getRoles($connection), "role")); $template->assign("messages", $messages); $template->display('user_createuser.tpl'); break; case "mkedit": if ($_POST['sure'] == "on") { if ($_POST['password'] == $_POST['password2']) { usertools::editUser($_GET['userid'], $_POST, $connection); $messages[] = "Changes where successfull for user " . $_SESSION['editUser']['username']; } else { $messages[] = "Passwords don't match!"; } } break; case "mkuser": $messages[] = usertools::registerUser($_POST, $connection); break; } if (isset($_GET['deleteId'])) { usertools::deleteUser($_GET['deleteId'], $connection); } if (!isset($_GET['action']) || $_GET['action'] == "mkedit" || $_GET['action'] == "mkuser") { $template->assign("messages", $messages); $users = admin::getUsers($connection); $template->assign("users", admin::extractFromArray($users, "username")); $template->display('user.tpl'); }
$roleid = $role['roleid']; } } $newUser = array("name" => $_POST['name'], "password" => $_POST['password'], "broleid" => $roleid); usertools::editUser($_SESSION['editUser'], $newUser, $connection); array_push($messages, "Changes where successfull for user " . $_SESSION['editUser']['username']); } else { array_push($messages, "Passwords don't match!"); } } unset($_SESSION['editUser']); break; case "mkuser": if (!empty($_POST['username']) && !empty($_POST['name'])) { if ($_POST['password'] == $_POST['password2']) { foreach (admin::getRoles($connection) as $role) { if ($role['role'] == $_POST['role']) { $roleid = $role['roleid']; } } array_push($messages, usertools::registerUser($_POST['username'], $_POST['name'], $_POST['password'], $roleid, $connection)); } } break; } if (!isset($_GET['action']) || $_GET['action'] == "mkedit" || $_GET['action'] == "mkuser") { $template->assign("messages", $messages); $users = admin::getUsers($connection); $template->assign("users", admin::extractFromArray($users, "username")); $template->display('user.tpl'); }